If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Enjoy an ad free experience by logging in. Not a member yet? Register.

Nobody in their right mind would even try to communicate directly from a mobile app (or any client side app) directly with a database. To do so, you would have to pass the DB username and password--along with *ALL* the SQL queries--from the mobile device to the DB server. And that means that anybody who managed to sniff the communications or read the coding of your app would now have full access to your database and could do all sorts of nasties to it. *CLEARLY* you want and need to have server side code that protects you from this kind of stuff. The server-side code knows what kind of requests it will accept from the app and will reject anything else. And it would then never just take a SQL command from the app and execute it, as is. It would always validate and "sanitize" the requests.

you want and need to have server side code that protects you from this kind of stuff. The server-side code knows what kind of requests it will accept from the app and will reject anything else. And it would then never just take a SQL command from the app and execute it, as is. It would always validate and "sanitize" the requests.

So would I have my app access a php script using a URL loaded with $_GET vars to define the action required and to authenticate the source? I can understand doing something along those lines.

What I'm not too sure about is the reading half though.

How can my app retrieve information from the server? Once my php script authenticates and gets the database info that's been requested, how can I provide this to my app?